What personal data kingbet9casino.com collects, why, how long we keep it, who it is shared with, and the rights you have over it under Australian and EU law.
kingbet9casino.com is an independent online casino review platform run out of Sydney, Australia. We are not a casino. We operate no gambling services, take no deposits and process no withdrawals, and we hold no player accounts. Our data processing is slim to match — we're an informational publisher, and our privacy obligations follow from that.
The casino we review — KingBet9 Casino — is a separate legal entity run by a third party under a Curaçao licence. Its privacy practices answer to its own policy, on its own site, and lie entirely beyond our control.
When you reach us by email, we receive:
When you visit any page on this site, our hosting infrastructure and analytics tools automatically collect:
We collect no real name, home address, phone number, financial details or government identifiers through any automatic mechanism, and we don't knowingly collect data from anyone under 18.
| Purpose | Data used | Legal basis (where GDPR applies) |
|---|---|---|
| Responding to your enquiry | Contact form data, email | Legitimate interest / consent |
| Site analytics (aggregate traffic trends) | Anonymised IP, pages viewed, device type | Legitimate interest |
| Affiliate attribution (tracking referrals) | Click identifier passed to operator | Legitimate interest |
| Security and abuse prevention | IP address, user-agent, request patterns | Legitimate interest |
| Compliance with legal obligations | Server logs | Legal obligation |
We don't build advertising profiles from your data, we don't run remarketing, and we don't sell, rent or trade personal data to third parties for marketing.
We rely on a small number of processors to run the site. Each has its own privacy policy, which supersedes ours for the specific processing they do:
Where these processors transfer data internationally, we rely on their standard contractual clauses and the adequacy mechanisms they publish. A full list of sub-processors for each third party is on their respective documentation.
| Category | Retention period |
|---|---|
| Contact-form submissions and email correspondence | 12 months after last interaction, unless longer is needed to resolve an ongoing matter |
| Server access logs (full IP) | 90 days |
| Aggregated analytics (GA4, no PII) | Up to 26 months per GA4 default retention |
| Affiliate click events | Per the affiliate network's policy, typically up to 24 months |
| Editorial records required by correction policy | Retained as long as the corresponding article is live, for audit of the correction log |
Once a retention period runs out, the data is deleted or anonymised, and backups cycle on a shorter rotation and expire by themselves.
As an Australian resident, you have the right to:
If you are a resident of the EU or the UK, you additionally have rights to data portability, restriction of processing, objection to processing, and the right to be forgotten (erasure), subject to the usual legal exceptions.
Email [email protected] with "Privacy" in the subject line. We will respond within 30 days. We will verify your identity before disclosing any personal data. The process is documented on the contact page.
There's no charge for exercising your rights. Where a request is plainly unfounded or excessive — repeated requests for the same data, for example — we may levy a reasonable fee or decline to act, to the extent the law allows.
We use cookies and similar technologies for analytics, security, and basic site function. A full cookie list, the purpose of each cookie, the retention, and how to manage them in your browser is on the cookie policy page. You can block or clear non-essential cookies at any time from your browser settings.
Our main processors (Cloudflare, Google Analytics) run global infrastructure, which means personal data can be moved to, or reached from, jurisdictions outside Australia — typically the United States and Europe. Those transfers fall under the processors' standard contractual clauses and adequacy mechanisms, as their own privacy policies set out.
Where you have the legal right to object to international transfer, you can exercise it by emailing the privacy address above. In practice, objecting typically means asking us to delete the data rather than restrict its location.
The site is served over TLS 1.2+ with modern cipher suites, and the admin side of the hosting runs two-factor authentication. Contact-form submissions and email correspondence are held in a mailbox guarded by provider-side encryption and 2FA. Within the small team, access to personal data goes only to whoever needs it for the job in front of them.
No online system is flawlessly secure. Should a breach affect your personal information, we'll notify those affected and the OAIC under the Notifiable Data Breaches scheme in Australian law, along with any matching GDPR obligations where they apply.
This site, the review, and all casinos discussed on it are for adults aged 18 or over. We do not knowingly collect personal information from anyone under 18. If you are a parent or guardian and believe your child has submitted information to this site, please email [email protected] and we will delete the submission. Our broader position on minors and gambling is on the responsible gambling page.
We revise this policy when our practices move — say, when we add or drop a processor, rework retention periods, or respond to a change in legal obligations. A material change moves the "last updated" date at the top of this page, and for significant changes we run a short notice at the top of both the homepage and the policy page for at least 30 days afterward.
This document is the current, authoritative version of our privacy practices. Historic versions are available on request through the contact page.
